Home > Encryption, Privacy > Proposed encryption "backdoor" for the US Government and how it will fail.

Proposed encryption "backdoor" for the US Government and how it will fail.


If you haven’t heard, the President is drafting legislation that may require hardware and software developers to install backdoors in their encryption solutions and give the keys to these backdoors to the US Government.  In my opinion, this is an increadibly bad idea.

  • This has already been tried and failed.  As reported by PBS Newshour, back in 2005 Greece created backdoors into the cellular telephone networks to allow the government real-time access to this communication system.  It was promptly hacked by foreign governments and Greece’s own government phonecalls were monitored.
  • The United States Government doesn’t have a good handle on this court ordered wiretapping program.  As reported by National Public Radio (NPR), when the Bush administration began its wiretapping program it circumvented the US Constitution and seldom got the required warrants.  While I can’t say for sure, I’d be willing to guess that this project continues.  Lawsuits have been filed but I haven’t heard a definitive answer to these.
  • Open source puts the control in the public’s hands.  Sorry, you won’t find this kind of control if you run one of Microsoft’s operating systems but if you are one of millions that run open source Linux you have complete control over how your software operates.  While developers of ssh may be required to put these backdoors into their software, open source users could just as easily remove the weakness prior to utilizing the tool.  This could actually be a useful tool in a legal battle.  The government couldn’t charge you with not using “approved” encryption software unless they were trying to break into your data stream which would mean that they would have to have a warrant and have to defend the warrant.  (I am not a lawyer.  If this is something important to you I would recommend discussing it with your attorney.)
  • Wouldn’t the mear mere threat that others could be watching your Internet traffic severely reduce the amount of ecommerce that happens?  I wouldn’t want to pass my personal information across an insecure link.  Information security professionals have been beating the drums to get lay people to understand to look for the lock on webpages before submitting personal information.  Now that will be useless.

Have I missed anything?

Creative Commons License
Sparks’ Fedora Project Journal by Eric H Christensen is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.

Advertisements
Categories: Encryption, Privacy
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s